Hi Rowan,
> > That's one thing I can tolerate.
>
> Funny, I figured that would be the worst part. But I guess if you've
> got total control over who has editing rights anyway (a CMS-style
> environment, rather than a truly wiki-ish one), this isn't such a big
> deal after all.
If it turns out that I'm spending the whole day removing malicious category
links, I'll think about another solution :-)
> I'm pretty sure it's the other way around - the "parser" has to go
> through the wikitext, and pick out any category links it finds; these
> are then plonked in the database for other use if the page is being
> saved. On preview, they're just added in the little box at the bottom
> of the page, without the database being updated.
I guess it works more like 1. grabbing all the wiki text, from the DB _and_ from
the user's edit form, then 2. passing it to the parser. That's why a check of
the access rights in a function that only grabs from the DB isn't sufficient...
> $wgOut (the instance of OutputPage.php)
Yes, that's the key. The very last action of index.php is to call
$wgOut->output(), so I copied my (slightly modified) quickhack code to this
function and it seems to work.
So we've got three places to modify:
  includes/Title.php        prevent access for default view, editing, diff
  includes/OutputPage.php   prevent access in case of preview of templates
  LocalSettings.php         define access rights
------------------------
includes/OutputPage.php, line 370 (function output() at the beginning):
# inserted by m:o
global $wgRequireUser, $wgUser; // $wgUser is read further down
// get categories as array
$parentCategories = $this->getCategoryLinks();
if( !empty($parentCategories) ) // prevents PHP warning for uncategorized pages
{
    // go through all categories which have restrictions
    foreach( $wgRequireUser as $category => $requiredUser )
    {
        // go through all categories to which the page belongs
        foreach( $parentCategories as $key => $siteCategoryLink )
        {
            // is the page in a category that is restricted?
            // strip_tags gets rid of the <a href...>
            if( $category==strip_tags($siteCategoryLink) )
            {
                // ...then check whether the user is the right one!
                // preg_quote keeps regex metacharacters in the name literal
                $user = preg_quote( $wgUser->getName(), '/' );
                $isUsrAllowed = preg_match("/\b$user\b/", "$requiredUser");
                // not the right one? -> go away!
                if( $isUsrAllowed!=1 )
                {
                    // don't show any categories on the 'login required'-page
                    $this->mCategoryLinks = array();
                    $this->loginToUse();
                    $this->mBodytext .= '<br><br>Wenn du von einer Bearbeiten-Seite hier '
                        . 'gelandet bist, hast du versucht, ein geschuetztes template einzubinden. '
                        . 'Benutze den Zurueck-Button in deinem Browser!<br><br>If you ended up here '
                        . 'coming from an editing site, you have tried to use a protected template. '
                        . 'Please use the back button of your browser!';
                }
            }
        }
    }
}
# /inserted by m:o
------------------------
includes/OutputPage.php, line 623 (function loginToUse()):
//comment the following:
$this->returnToMain(); # Flip back to the main page after 10 seconds.
Cheers,
- Moritz
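
The word-boundary test in the OutputPage.php snippet accepts any name that appears as a whole word inside the list of required users, so a partial name can pass. The following is an added example, not part of the original message, comparing that test with an exact comparison; the comma-separated format of the $wgRequireUser value, the category name and the user names are assumptions, since the message does not show LocalSettings.php.

```php
<?php
// Constructed sample data, not taken from the message.
// Assumption: each $wgRequireUser value is a comma-separated list of user names.
$wgRequireUser = array(
    'Internal' => 'Ann-Marie, Bob Smith',
);

// Word-boundary test in the style of the message (name quoted for the regex).
function matchesByWordBoundary( $userName, $requiredUser ) {
    $quoted = preg_quote( $userName, '/' );
    return preg_match( "/\b$quoted\b/", $requiredUser ) === 1;
}

// Exact test: split the list once, trim each entry, compare whole names.
function isListedExactly( $userName, $requiredUser ) {
    $allowed = array_map( 'trim', explode( ',', $requiredUser ) );
    return in_array( $userName, $allowed, true );
}

// Constructed account names: two listed users and two that only share a word
// with a listed user.
$candidates = array( 'Bob Smith', 'Ann-Marie', 'Smith', 'Ann' );

foreach ( $candidates as $name ) {
    printf(
        "%-10s word-boundary: %-5s exact: %s\n",
        $name,
        matchesByWordBoundary( $name, $wgRequireUser['Internal'] ) ? 'allow' : 'deny',
        isListedExactly( $name, $wgRequireUser['Internal'] ) ? 'allow' : 'deny'
    );
}
```

Storing the allowed names as a PHP array per category instead of one string would remove the need to pick and parse a separator at all.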